Reporting Security Issues
BIND and DHCP security is critical to the Internet Infrastructure. If you think you may be seeing a potential security vulnerability (for example, a crash with REQUIRE, INSIST, or ASSERT failure), please report it immediately to security-officer@isc.org and do not post it on any public mailing lists. We provide numerous alternate ways to contact our security officer alias, including via the Bug Report Form and the ISC Contact form.
Please see our Security Vulnerabilty Disclosure Policy for details on how we publish security vulnerabilities.